一种基于包序重排的流水印技术
DOI:
作者:
作者单位:

作者简介:

通讯作者:

中图分类号:

基金项目:

国家高技术研究发展计划(863)(2006AA01Z449, 2007AA01Z2A1); 国家重点基础研究发展计划(973)(2007CB307102)


Flow Watermarking Scheme Based on Packet Reordering
Author:
Affiliation:

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    当前流水印载体局限于包载荷、流速率和包时间3 种.然而,基于包载荷的流水印技术与具体应用层协议有关,难以处理加密流量,且易被检测和过滤;基于流速率和基于包时间的流水印技术难以从根本上抵御时间扰乱,且存在易被检测、水印容量小等问题.采用包序作为流水印载体,提出一种基于包序重排的新型流水印技术PROFW.将纠错码理论引入到水印信息编码中,大大提高了PROFW 技术的鲁棒性,并引入概率调制思想,将包序重排程度控制在正常范围内,保证了PROFW 技术的隐蔽性.测试结果表明,PROFW 技术在保证隐蔽性的前提下,对于自然产生和主动引入的时间干扰和包乱序具有较强的鲁棒性.与当前典型流水印技术相比,PROFW 技术不但在应对时间扰乱和包乱序时的鲁棒性更强,而且提高了水印容量.

    Abstract:

    Watermark carriers of existing network flow watermarking schemes are limited to packet payload, traffic rate, and packet timing. However, packet payload is based on flow watermarking schemes, which depend on specific application protocols, such as telnet and rlogin, but encryted traffic and are invisible to traffic interceptors. At the same time, traffic rate and packet timing based ones are vulnerable to timing perturbation introduced by network transmission and attackers. Even worse, most of them have a low watermark capacity and are visible to multi-flow attack, mean-square autocorrelation attack and timing analysis attacks. This paper utilizes packet order as a watermark carrier and proposes a novel packet reordering based flow watermarking (PROFW) scheme. To achieve robustness against packet out-of-order pertubation, a theory of error correcting code is introduced into watermark encoding. Meanwhile, this paper utilizes a stochastic modulation approach to increase the stealthiness of PROFW scheme by controlling packet reordering degree not exceeding normal levels. Empirical results prove its robustness against timing and packet out-of-order pertubations, introduced by network transmission and deliberately by attackers. Compared with typical flow watermarking schemes, PROFW scheme, which has a higher watermark capacity, is more robust against timing and packet out-of-order pertubations.

    参考文献
    相似文献
    引证文献
引用本文

张连成,王振兴,徐静.一种基于包序重排的流水印技术.软件学报,2011,22(zk2):17-26

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2011-02-15
  • 最后修改日期:2011-05-31
  • 录用日期:
  • 在线发布日期: 2012-03-30
  • 出版日期:
文章二维码
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号